Android’s hide and seek with malicious apps continues

The open and flexible nature of Android OS makes it more vulnerable to security issues, than perhaps other operating systems such as iOS. The ever-evolving nature of malware also makes detecting malicious apps harder. According to anti-virus company Quick Heal, malware attacks on Android devices increased by 40% in Q3 2017 and apps from third-party stores continue to be the top source of malicious apps. That doesn’t mean every app on the Play Store is harmless. A number of malicious apps were detected on the Play Store. Here are the latest malware attacks users need to be aware of.

Malware that apes original apps

An Android malware called Flash Player is targeting banking and cryptocurrency apps. So far 232 banking and cryptocurrency apps are reportedly affected by it, according to anti-virus company Quick Heal. This puts users who randomly download apps from third-party app stores at greater risk than users who stick to the Play Store. The malware infiltrates a smartphone by asking users to download a flash player app. Once installed it asks for accessibility rights which it uses to imitate notifications of these banking apps and asks users for their user ID and password.

The best way of steering clear of such malwares is to never download apps from third-party stores. Also, one should be more careful before giving accessibility rights to any app. Users who are already affected should change the passwords of their banking apps and factory reset their smartphone.

New kind of malware

Google scans the Play Store regularly through Play Protect security tool, yet malicious apps manage to sneak through. What makes them hard to identify is the new languages and methods used by hackers to write them. Anti-virus company Trend Micro found a new type of malware written using Kotlin, a fully-supported programming language for Android which is believed to be more secure and is used by a number of genuine Android apps. The malware was passed on through a utility app which has been downloaded from Google Play Store by around 5,000 users before it was taken down by Google.

Once the malware is installed, it uses the mobile connection to subscribe for a premium SMS subscription service without users’ knowledge. The remote server uses the subscription to send URLs to other devices and generate clicks. This malware doesn’t target any of the confidential data, but can cause monetary loss to users through the SMS subscription service. Users should read the details of new apps and only download apps from trusted developers.

Fake anti-virus apps

Another malware called AdultSwine was detected in over 60 apps and games on Play Store by researchers at Check Point security, who believe these apps have been downloaded on more than 7 million Android devices.

Once installed on a device, the app starts showing pornographic advertisements. Clicking on them displays messages on mobile browser warning users their smartphone has been infected and then suggests some fake anti-virus apps to flush out the malware. Once the anti-virus app is installed, the hacker has access to the phone’s accessibility rights as most anti-virus apps require that to work.

The 60 infected apps have already been removed from the Play Store by Google.

Malware that can damage smartphones

Most malware attacks target users for confidential data. Loapi is a rare malware which targets a smartphone to mine a cryptocurrency called Monero. Researchers at Kaspersky Lab found the malware hiding in 20 apps on third-party stores. Once installed on a smartphone, Loapi uses its resources to solve a cryptographic challenge and earn rewards in the form of a cryptocurrency. Kaspersky claims the malware can open 28,000 URLs on a smartphone in a day. This can cause serious damage to the phone’s internals such as battery and motherboards. To avoid this kind of malware and protect their smartphone, users should keep away from third-party app stores.livemint